Schrems II (aka Schrems 2.0)

Colloquial term for Data Protection Commission (Ireland) v. Facebook & Schrems. See "Max Schrems." The Irish Data Protection Commission brought the case to the Irish High Court seeking a referral to the CJEU (see "CJEU"). The Irish High Court referred 11 specific questions to the CJEU related to the use of EU-approved data transfer mechanisms, which the DPC felt required answers before completing its investigation into the validity of Facebook Ireland’s transfers of Max Schrems’ personal data to Facebook Inc, using standard contractual clauses as the legal basis for transfers. The case challenged the validity of standard contractual clauses for the transfer of personal data from the EU to the United States, on the same grounds Schrems used to challenge the Safe Harbor adequacy agreement (see "Schrems I"). On July 16, 2020, the Court of Justice of the European Union invalidated the European Commission’s adequacy determination for Privacy Shield, and placed additional requirements for companies using standard contractual clauses to third countries outside the EU.